Optimal Dissemination of Security Patches in Mobile Wireless Networks

The security threat posed by malware in mobile wireless networks can be countered through immunization using security patches. The distribution of patches, however, consumes bandwidth that is scarce in wireless networks, and must, there fore, be judiciously controlled in order to attain desired tradeoffs between security risks and bandwidth consumption. We consider both nonreplicative and replicative dissemination of patches: a predetermined set of dispatcher nodes distribute the patches in the former, whereas the dispatcher set continually grows in the latter as the nodes that receive the patch become dispatchers themselves. In each case, the desired tradeoffs can be attained by activating at any given time only fractions of dispatchers and selecting their packet transmission rates. We formulate the afore said tradeoffs as optimal control problems that seek to minimize the aggregate network costs that depend on security risks and the overall extra bandwidth used in the network for dissemination of the security patches. We prove that the dynamic control strategies have simple structures: when the cost function associated with the bandwidth consumed in patching is concave, the control strategies are bang-bang with at most one jump from the maximum to the minimum value. When the cost function is strictly convex, the aforesaid transition is strict but continuous. We compare the efficacy of different dispatch models and also those of the optimum dynamic and static controls using numerical computations.